mirror of
https://github.com/SabreTools/BinaryObjectScanner.git
synced 2026-07-08 18:06:34 +00:00
Add Spoon Installer detection (fixes #98)
This commit is contained in:
25
BinaryObjectScanner/Packer/SpoonInstaller.cs
Normal file
25
BinaryObjectScanner/Packer/SpoonInstaller.cs
Normal file
@@ -0,0 +1,25 @@
|
||||
using BinaryObjectScanner.Interfaces;
|
||||
using SabreTools.Serialization.Wrappers;
|
||||
|
||||
namespace BinaryObjectScanner.Packer
|
||||
{
|
||||
/// <summary>
|
||||
/// Spoon Installer
|
||||
/// </summary>
|
||||
public class SpoonInstaller : IExecutableCheck<PortableExecutable>
|
||||
{
|
||||
/// <inheritdoc/>
|
||||
public string? CheckExecutable(string file, PortableExecutable exe, bool includeDebug)
|
||||
{
|
||||
// <see href="https://www.virustotal.com/gui/file/ad876d9aa59a2c51af776ce7c095af69f41f2947c6a46cfe87a724ecf8745084/details"/>
|
||||
var name = exe.AssemblyDescription;
|
||||
if (name.OptionalEquals("Spoon Installer"))
|
||||
return "Spoon Installer";
|
||||
|
||||
// TODO: Add assembly identity name check as well: "Illustrate.Spoon.Installer"
|
||||
// Requires adding a helper to get the first Assembly Identity whose name is not null
|
||||
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -171,6 +171,7 @@ Below is a list of executable packers detected by BinaryObjectScanner. The three
|
||||
| PKLITE32 | Yes | No | No | |
|
||||
| Setup Factory | Yes | No | No | |
|
||||
| Shrinker | Yes | No | No | |
|
||||
| Spoon Installer | Yes | No | No | |
|
||||
| UPX and UPX (NOS Variant) | Yes | No | No | |
|
||||
| WinRAR SFX | Yes | No | Yes | |
|
||||
| WinZip SFX | Yes | No | Yes | |
|
||||
|
||||
Reference in New Issue
Block a user